Time to tighten account security?

Oh, it’s probably bots that post. I just don’t think it’s bots that create the accounts. As I’ve heard it, you have these super low-paid people who do nothing but sign up for web forums, add the username and password to a master list, and then the spam software uses them to post. But that’s nothing new.

It’s also possible that my security question either made it into the spammer’s master list of possible questions (real people can maintain those lists as well), or was simple enough that it was parsed by a bot. It’s possible, I suppose.

I’ve added a bunch more questions for it to randomly choose between. The trick is putting in about a dozen or so “answers” to cover all the likely phrasings or variations to the answer, and asking questions that encourage simple responses to begin with. Here’s the current set of security questions I have in there now, for signing up. I think I’ve covered all of the likely correct answers and variations on the answer for each. None of them are trying to be clever or tricky – the point is just to ask something that a bot wouldn’t have any idea what’s supposed to go in the answer blank.

What is 10 minus 2 plus 14?
Which of these is the Earth? A moon, a star, an asteroid, a planet, a comet, a black hole, or a rabbit?
You start with twenty apples and give five away. How many do you have left? (Hint: Not a trick question)
Regarding the IF Community, what does “IF” stand for?
Robins, doves, pigeons, falcons, and owls are all what basic type of animal?
Traditionally, what would you have seen a cowboy riding in the old west?
What four letters does the word Dusty start with (Hint: one word, four letters).
All of these are vowels: i a u e o. Is that true, or is it false?
What general color falls somewhere in the middle of black and white, being a mix of both?
In the color designation RGB, what does the G stand for?
In terms of music and data media, what does “CD” stand for?
When is it more likely to see a bunch of stars in the sky? During the day, or at night?
Is 11:30 AM before noon, or after?
Is 3:45 PM before noon, or after?
Spell the word “food” backwards. (Hint: Not a trick question.)
Spell the word “paper” backwards. (Hint: Not a trick question.)
How many letters are there in the english alphabet, not counting Y and Z?
What grade comes after 4th grade?
What studio/person is famous for creating Mickey Mouse, Donald Duck, and Goofy?

@Hannes:

That’s quite true. I don’t usually concern myself unnecessarily with legal issues outside of the US. All of the litigation that I’m familiar concerning Google with is based in, and on, US law.

I congratulate you on your cleverness, if not for your civility.

Cheers.

Heh. Careful with this one, you’re as likely to get 22 as -6.

Maybe if you had only (easy) IF-related questions like the “Regarding the IF Community, what does “IF” stand for” it would be easier for the spammers to just move on to the next forum than to start researching for the answer?

Too arduous. We do get genuine newcomers around here.

-6 is one of the accepted answers. And “minus six”, “negative six” and others.

I was hesitant to even include that one, and may end up removing it (although it can be answered by looking at the forum title). I could see somebody wanting to ask questions about what they consider to be “adventure games” after coming upon the site doing a Google search. I definitely wouldn’t want to focus even more on IF-specific knowledge. The idea isn’t supposed to filter out humans with basic comprehension skills – just bots. If I’m right and the sign-ups are actually being done by people, my opinion is that we’ll just have to keep dealing with them case by case. I’d rather allow human spammer sign-ups than accidentally prevent legitimate visitors.

Some of them may still be too hard to assume everybody would know. The G in RGB, for instance, or what CD stands for. The list will probably evolve as needed.